Thesis (M.S., Computer Science)--University of Idaho, June 2014 | Promiscuous mode is a powerful tool for both attackers and system administrators. The detection of a network interface card running in promiscuous mode is also a powerful tool, which has broad implications in terms of usage and legal application. Previous research has discussed the use of several techniques for the detection of network interface cards running in promiscuous mode. This thesis analyzes the potential use of several of these methods in a virtualized environment. Two tests in particular, Round Trip Time and Load Detection Technique, are tested to see if their statistical approach is suited to a virtualized system and if the methods will work, given the somewhat centralized resources of a virtualized environment.
